Know your regulatory body: the ICO

The ICO is the subject of the second of the Prizeologist’s short posts on the organisations which regulate how prize promotions are run (the first looked at the ASA – you can read that here).

Name: Information Commissioner’s Office (ICO)

Need to know: The ICO is an independent body, which protects ‘information rights’ in the UK. Its work covers compliance with a number of pieces of legislation, but principally the Data Protection Act 1998 and the Freedom of Information Act 2000. The new General Data Protection Regulation (GDPR), which comes into force next May, will also be within the ICO’s remit.

So how does that relate to prize promotions? Well, if you hold personal information about people who’ve entered a competition or promotion, you must register with the ICO (this may change once the GDPR is in place – we don’t know yet) and if you want to send those entrants further communications – information about special offers or a newsletter, for example – you must obtain their consent to do that in advance.

Compliance with information rights legislation should not to be taken lightly (see Penalties below), because individual members of the public can and do raise concerns about specific organisations with the ICO. There’s more detail about how the ICO deals with complaints in this video.

Famous cases: In October 2016, with a whopping £400,000 fine was issued to telecoms company TalkTalk for failing to prevent a cyber attack in which 156,959 customers had their personal information, including their names, addresses, dates of birth, phone numbers, email addresses and, in 15,656 cases, their bank details, stolen.

Penalties: When there’s been a serious breach of the legislation, the ICO prefers to work with the offending organisation to make sure it gets it right in the future. However, if that organisation isn’t responsive the ICO may also take what it calls ‘enforcement action’. This can include prosecution under the Data Protection Act and in particularly serious cases the ICO can impose a fine – of up to £500.00. In 2016-17, the ICO imposed fines totalling more than £1.9 million for unlawful marketing activities.

And finally: When you’re running prize promotions, make sure you have consent for marketing communications – in other words get the opt-ins right. You cannot automatically add all your entrants’ details to your email newsletter. Compliance with the relevant legislation is an area where we at Prizeology really know our stuff, so we’re well placed to help you ensure you don’t fall foul of the ICO.

Sarah Burns is Prizeology’s Chief Prizeologist, an IPM Board Director, and a SCAMbassador for National Trading Standards Scams Team.

© Prizeology and The Prizeologist Blog, 2018. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited.

Running a prize promotion on Facebook

It’s been a while since I’ve talked about how to running a prize promotion on Facebook prize promotion, but it’s a topic worth revisiting, partly because the rules are updated from time to time, and partly because those rules mean it’s not quite as easy as you might think to use the social media platform […]

READ MORE >

On-Pack prize promotion: Win with Kingsmill

I like a piece of toast and marmalade in the morning. Sometimes I have a sandwich, usually hummus and carrot, for lunch. And when it comes to comfort eating, you can’t beat a nice, thick piece of bread and butter pudding. Why am I talking about bread? Because Prizeology has been working on a major […]

READ MORE >

Prize promotions cheats

Cheating. It means acting dishonestly in order to gain an advantage. To avoid any doubt, an advantage in the context of prize promotions is a prize – a restaurant or retailer voucher, a gaming console, a year’s supply of a particular product, a holiday (back in the day when we could take holidays) and, yes, […]

READ MORE >
Send this to a friend